Premium Feature — Available in the Professional, Professional Plus, and Enterprise Editions. Learn more or contact LabKey.

Central Authentication Service (CAS) is an open-source authentication server that lets a user sign on to multiple applications while providing their credentials only once to a centralized CAS Server. Enabling CAS authentication lets LabKey Server authenticate users using a CAS server, without users providing their credentials directly to LabKey Server. CAS integration currently supports CAS Protocol 3.0 and requires an email attribute returned in the validation response XML.

You can also configure LabKey Server as a CAS Identity Provider, to which other servers can delegate authentication. For details see Configure CAS Identity Provider.

Note that basic HTTP authentication and netrc authentication using usernames are both disabled when SSO authentication is enabled. API keys are required for using the LabKey APIs when SSO is enabled.

Add/Configure a CAS Single Sign On Provider

  • Select (Admin) > Site > Admin Console.
  • Click the Settings tab.
  • Under Configuration, click Authentication.
    • To add a new CAS provider: Click Add > CAS ....
      • OR
    • To edit an existing provider: Click Edit next to the target provider.
  • On the Configure CAS Authentication page, enter the following:
    • Description: Enter a unique descriptive label for this provider.
    • CAS Server URL: Enter a CAS server URL. The URL should start with "https://" and end with "/cas"
    • Default to CAS Login: Place a checkmark to make CAS the default login method.
    • Enabled: Turn on/off this provider. Displayed on the main Authentication dashboard.
    • Page header logo / Login page logo: Logo branding for the login UI. See screen shots below.
  • Click Save.

Single Sign On Logo

The logos, which can be displayed on either the header area or on the login page, signals to users that single sign on is available. When the logo is clicked, LabKey Server will attempt to authenticate the user against the CAS server.

Related Topics


Was this content helpful?

Log in or register an account to provide feedback

expand all collapse all